25đź‘Ť
Twilio evangelist and maintainer of django-twilio here.
What you’re looking to build is something very easy to do, I can outline the steps for you here:
- Create a Django model that stores a user’s number and a generated passcode
- When a new user is created, take their number and SMS them the code using the Twilio REST API
- When they enter the passcode you sent them, cross reference it with the one stored in the database.
- If the number is right: verify them, if not, tell them it is wrong and offer to send them an SMS again.
6đź‘Ť
You can use django-passcode as an app in your project.
It exposes APIs to “register” a mobile number and “verify” through SMS based passcode. It uses mobile number and device id pair as unique. It also generates and returns a token for future authorization requests from mobile app. You can use Twilio or any other SMS api to send sms.
https://github.com/sgurminder/django-passcode
I appreciate your feedback for django-passcode
- Django request.user.is_superuser doesn't work
- Access token from view
- Access Apache SetEnv variable from Django wsgi.py file
- Changes made to (static) CSS file not reflecting in Django development server
4đź‘Ť
Disclaimer: I’m the maintainer of Django-phone-verify
What you’re looking to accomplish is very easy with django-phone-verify app. It comes with Twilio & Nexmo already integrated and a few endpoints which you can extend as per your use case.
This package aims at verifying if a phone number requested by a particular client belongs to them. It also takes care of ensuring that the same device provides the verification of the passcode which initially requested a passcode to be sent, saving you a few hours of work.
This package also doesn’t mess up with your current user model at all. You’re free to use this package exactly for one thing: verifying phone numbers. Whether you do it for users, companies, etc. depends on your use case.
It follows the Unix philosophy of Do one thing; do it well
Installation
pip install django-phone-verify
Configuration
- Add app to INSTALLED_APPS:
# In settings.py:
INSTALLED_APPS = [
...
'phone_verify',
]
- Add settings in your
settings.pyfile:
# Settings for phone_verify
PHONE_VERIFICATION = {
'BACKEND': 'phone_verify.backends.twilio.TwilioBackend',
'TWILIO_SANDBOX_TOKEN':'123456',
'OPTIONS': {
'SID': 'fake',
'SECRET': 'fake',
'FROM': '+14755292729'
},
'TOKEN_LENGTH': 6,
'MESSAGE': 'Welcome to {app}! Please use security code {otp} to proceed.',
'APP_NAME': 'Phone Verify',
'OTP_EXPIRATION_TIME': 3600 # In seconds only
}
- Migrate the database:
python manage.py migrate
You get two endpoints (Check API docs), one for registration of phone number and the other to verify the passcode. You may override verify endpoint to also create a user as described in the usage docs: https://github.com/CuriousLearner/django-phone-verify/blob/master/docs/usage.rst
- Django South Error: AttributeError: 'DateTimeField' object has no attribute 'model'`
- Email as username in Django
1đź‘Ť
Recently I was looking for any library or scheme to sign-in/sign-up users through sms (send sms code and then validate).
Short solution:
- Create sms model to generate code for phone number
- Send sms with code to client (for example, use twillio)
- User got code. And send phone_number + code
- Validate it. Response any useful information
Also:
- You must to use async code or celery to send sms
- Add sms lifetime (for example, 30 seconds)
- Clean phone number to valid format
- Get or create user by phone number
You may to use this library, for example:
https://github.com/a1k89/django-rest-sms-auth
- 'Questions ' object is not iterable Django
- Django and MPTT – get only leaf nodes
- Can Django run on Gunicorn alone (no Apache or nginx)?
- Is Django Book platform available?